Skip to content

Commit fcd2fda

Browse files
committed
Review feedback
1 parent af2ba0f commit fcd2fda

File tree

3 files changed

+17
-6
lines changed

3 files changed

+17
-6
lines changed

articles/storage/files/storage-files-active-directory-domain-services-enable.md

Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -183,4 +183,11 @@ To trigger password rotation, you can run the `Update-AzStorageAccountADObjectPa
183183
```PowerShell
184184
#Update the password of the AD account registered for the storage account
185185
Update-AzStorageAccountADObjectPassword -RotateToKerbKey kerb2 -ResourceGroupName "your-resource-group-name-here" -StorageAccountName "your-storage-account-name-here"
186-
```
186+
```
187+
188+
## Next steps
189+
190+
For more information about Azure Files and how to use AD over SMB, see these resources:
191+
192+
- [ Overview of Azure Files identity-based authentication support for SMB access](storage-files-active-directory-overview.md)
193+
- [FAQ](storage-files-faq.md)

articles/storage/files/storage-files-active-directory-enable.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -54,7 +54,7 @@ Before you enable Azure AD over SMB for Azure file shares, make sure you have co
5454

5555
Before you enable Azure AD DS Authentication over SMB for Azure file shares, verify that your Azure AD and Azure Storage environments are properly configured. We recommend that you walk through the [prerequisites](#prerequisites) to make sure you've completed all the required steps.
5656

57-
Next, grant access to Azure Files resources with Azure AD credentials by following these steps:
57+
Next, do the following things to grant access to Azure Files resources with Azure AD credentials:
5858

5959
- Enable Azure AD DS authentication over SMB for your storage account to register the storage account with the associated Azure AD DS deployment.
6060
- Assign access permissions for a share to an Azure AD identity (a user, group, or service principal).

articles/storage/files/storage-files-active-directory-overview.md

Lines changed: 8 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -19,20 +19,24 @@ To learn how to enable Azure AD DS authentication for Azure file shares, see [En
1919
It's helpful to understand some key terms relating to Azure AD Domain Service authentication over SMB for Azure file shares:
2020

2121
- **Kerberos authentication**
22+
2223
Kerberos is an authentication protocol that is used to verify the identity of a user or host. For more information on Kerberos, see [Kerberos Authentication Overview](https://docs.microsoft.com/windows-server/security/kerberos/kerberos-authentication-overview).
2324

24-
- **Server Message Block (SMB) protocol**
25+
- **Server Message Block (SMB) protocol**
26+
2527
SMB is an industry-standard network file-sharing protocol. SMB is also known as Common Internet File System or CIFS. For more information on SMB, see [Microsoft SMB Protocol and CIFS Protocol Overview](https://docs.microsoft.com/windows/desktop/FileIO/microsoft-smb-protocol-and-cifs-protocol-overview).
2628

27-
- **Azure Active Directory (Azure AD)**
29+
- **Azure Active Directory (Azure AD)**
30+
2831
Azure Active Directory (Azure AD) is Microsoft’s multi-tenant cloud-based directory and identity management service. Azure AD combines core directory services, application access management, and identity protection into a single solution. Azure AD enables your domain-joined Windows virtual machines (VMs) to access Azure file shares with your Azure AD credentials. For more information, see [What is Azure Active Directory?](../../active-directory/fundamentals/active-directory-whatis.md)
2932

30-
- **Azure AD Domain Services (Azure AD DS)**
33+
- **Azure AD Domain Services (Azure AD DS)**
34+
3135
Azure AD Domain Services (GA) provides managed domain services such as domain join, group policies, LDAP, and Kerberos/NTLM authentication. These services are fully
3236
compatible with Windows Server Active Directory. For more information, see [Azure Active Directory (AD) Domain Services](../../active-directory-domain-services/overview.md).
3337

3438
- **Active Directory Domain Services (AD DS, also referred as AD)**
35-
Active directory (AD) (preview) provides the methods for storing directory data while making it available to network users and administrators. Security is integrated with Active Directory through logon authentication and access control to objects in the directory. With a single network logon, administrators can manage directory data and organization throughout their network, and authorized network users can access resources anywhere on the network. AD is commonly adopted by enterpises in on-premises and use AD credentials as the identity for access control. For more information, see [Active Directory Domain Services Overview](https://docs.microsoft.com/windows-server/identity/ad-ds/get-started/virtual-dc/active-directory-domain-services-overview).
39+
Active directory (AD) (preview) provides the methods for storing directory data while making it available to network users and administrators. Security is integrated with Active Directory through logon authentication and access control to objects in the directory. With a single network logon, administrators can manage directory data and organization throughout their network, and authorized network users can access resources anywhere on the network. AD is commonly adopted by enterprises in on-premises and use AD credentials as the identity for access control. For more information, see [Active Directory Domain Services Overview](https://docs.microsoft.com/windows-server/identity/ad-ds/get-started/virtual-dc/active-directory-domain-services-overview).
3640

3741
- **Azure Role Based Access Control (RBAC)**
3842
Azure Role-Based Access Control (RBAC) enables fine-grained access management for Azure. Using RBAC, you can manage access to resources by granting users the fewest permissions needed to perform their jobs. For more information on RBAC, see [What is role-based access control (RBAC) in Azure?](../../role-based-access-control/overview.md).

0 commit comments

Comments
 (0)